add eth rpc config

Author: Plopmenz

nextjs-app/app/api/validate/route.ts

@@ -1,5 +1,5 @@
 import { hasAccess } from "@/lib/access";
-import { getXnodeAddress } from "@/lib/xnode-address";
+import { verifyXnodeUserEthAddress as verifyXnodeUserEthAddress } from "@/lib/xnode-address";
 import { cookies as getCookies } from "next/headers";
 import { NextRequest } from "next/server";
 import { isHex } from "viem";
@@ -41,8 +41,13 @@ export async function GET(req: NextRequest) {
         throw new Error();
       }
 
-      const address = await getXnodeAddress({ domain, timestamp, signature });
-      if (requestedUser !== address) {
+      const validSignature = await verifyXnodeUserEthAddress({
+        user: requestedUser,
+        domain,
+        timestamp,
+        signature,
+      });
+      if (!validSignature) {
         requestedUser = undefined;
       }
     } else {

nextjs-app/components/login.tsx

@@ -1,7 +1,7 @@
 "use client";
 
 import { getMessage } from "@/lib/message";
-import { getXnodeAddress } from "@/lib/xnode-address";
+import { toXnodeAddress } from "@/lib/xnode-address";
 import sdk from "@farcaster/miniapp-sdk";
 import { useRouter, useSearchParams } from "next/navigation";
 import { useEffect, useState } from "react";
@@ -15,7 +15,7 @@ export function Login({ deniedForUser }: { deniedForUser?: string }) {
   }, [searchParams]);
   const { replace } = useRouter();
 
-  const { isConnected } = useAccount();
+  const { address } = useAccount();
   const { signMessageAsync, isPending, error: signError } = useSignMessage();
 
   const [loginError, setLoginError] = useState<string>("");
@@ -45,7 +45,7 @@ export function Login({ deniedForUser }: { deniedForUser?: string }) {
             : signError.message}
         </span>
       )}
-      {isConnected &&
+      {address &&
         (isPending ? (
           <div className="flex gap-2">
             <svg
@@ -94,11 +94,7 @@ export function Login({ deniedForUser }: { deniedForUser?: string }) {
                       "Content-Type": "application/json",
                     },
                     body: JSON.stringify({
-                      user: await getXnodeAddress({
-                        domain,
-                        signature,
-                        timestamp: timestamp.toString(),
-                      }),
+                      user: toXnodeAddress({ address }),
                       signature,
                       timestamp: timestamp.toString(),
                     }),

nextjs-app/lib/config.ts

@@ -0,0 +1,7 @@
+export const config = JSON.parse(
+  process.env.XNODEAUTH_CONFIG ?? JSON.stringify({ eth: { rpc: "" } })
+) as {
+  eth: {
+    rpc: string;
+  };
+};

nextjs-app/lib/xnode-address.ts

@@ -1,21 +1,36 @@
-import { Address, Hex, recoverMessageAddress } from "viem";
+import { Address, createPublicClient, Hex, http, verifyMessage } from "viem";
 import { getMessage } from "./message";
+import { config } from "./config";
 
 export function toXnodeAddress({ address }: { address: Address }): string {
   return `eth:${address.replace("0x", "").toLowerCase()}`;
 }
 
-export function getXnodeAddress({
+export async function verifyXnodeUserEthAddress({
+  user,
   domain,
   timestamp,
   signature,
 }: {
+  user: string;
   domain: string;
   timestamp: string;
   signature: Hex;
-}): Promise<string> {
-  return recoverMessageAddress({
+}): Promise<boolean> {
+  if (config.eth.rpc) {
+    const publicClient = createPublicClient({
+      transport: http(config.eth.rpc),
+    });
+    return await publicClient.verifyMessage({
+      address: `0x${user.replace("eth:", "")}`,
+      message: getMessage({ domain, timestamp: Number(timestamp) }),
+      signature,
+    });
+  }
+
+  return await verifyMessage({
+    address: `0x${user.replace("eth:", "")}`,
     message: getMessage({ domain, timestamp: Number(timestamp) }),
     signature,
-  }).then((address) => toXnodeAddress({ address }));
+  });
 }

nextjs-app/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "xnode-auth",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "scripts": {
     "dev": "next dev",
     "build": "next build",

nextjs-app/package.json

@@ -50,6 +50,7 @@ in
                     };
                   }
                 );
+                default = { };
                 example = {
                   "regex:^eth:*.$" = {
                     paths = "^\/user\/profile(?:\?.*)?$";
@@ -207,6 +208,19 @@ in
         '';
       };
 
+      config = {
+        eth = {
+          rpc = lib.mkOption {
+            type = lib.types.str;
+            default = "";
+            example = "https://mainnet.base.org";
+            description = ''
+              Use an RPC to validate smart account signatures.
+            '';
+          };
+        };
+      };
+
       nginxConfig = {
         enable = lib.mkOption {
           type = lib.types.bool;
@@ -263,6 +277,7 @@ in
                   ) [ ] cfg.domains
                 )
               );
+              XNODEAUTH_CONFIG = builtins.toJSON cfg.config;
             };
             serviceConfig = {
               ExecStart = "${lib.getExe xnode-auth}";

nix/nixos-module.nix

@@ -1,7 +1,7 @@
 { pkgs, lib }:
 pkgs.buildNpmPackage {
   pname = "xnode-auth";
-  version = "1.1.1";
+  version = "1.1.2";
   src = ../nextjs-app;
 
   npmDeps = pkgs.importNpmLock {